The Hackers Behind The Election Meddling Are Now Coming For Your Brand

Photographer: Luke MacGregor/Bloomberg

Federal prosecutors announced in October that they had charged a Russian national with meddling in the 2018 U.S. elections, using the same basic playbook as in the 2016 election and others around the world: leveraging social media platforms with paid ad campaigns and phony user accounts to flood the market with disinformation to skew opinions and incite conflict.

Freire: We’ve discovered a number of brands with millions of followers, and unbeknownst to them a lot of those were bots, controlled by hacker groups. They’ve have gotten very sophisticated in creating fake profiles and identities that are hard to trace. These bots can also generate thousands of their own followers within hours. What they then do is take a point about the brand and amplify it in a negative way. The next step it to approach the brand and say, “Hey, we can turn the public against your brand in a big way or we can stop it for a fee.”

Horst: You also talk about the issue of social media brand fraud. What’s that about?

Freire: This is where a hacker takes over a social media account and pretends to be the corporation. McDonald’s had its social media handle taken over and used for political purposes by employees. One of our high-tech customers approached us after its LinkedIn presence was taken over. A well-known insurance company had a hacker group create a fake social media page and say, “Here’s a great promotion: give us your credentials and we’ll put 50 bucks in your account.” Another approach is to pretend to be an employee on Instagram, and then try to sell people insurance online.

Horst: This sounds like classic phishing but turbocharged by the fact that people now trust what they see in social media platforms more than in other venues.

Freire: Exactly. The trust in the platform changes everything. And it’s not just about ransomware. The state actors in particular are using social media for serious corporate espionage. China is deploying bots to conduct corporate spycraft through social media. Iran-backed hackers infiltrated Deloitte’s network by using a phony social profile to connect to an employee and then access sensitive documents. Turkey’s cyber army took over the Twitter accounts of two Fox News reporters—two of only a few dozen people that President Trump follows. Through that relationship, they were able to send a direct message to the President that contained malicious code that, if clicked, would have taken over Trump’s account. (We alerted the FBI and NSA to that.) It’s no longer a big wide blast and hope someone clicks—they’re looking specifically at individuals and researching the kinds of things they’re interested in and what they’d specifically engage with.

Horst: You recently conducted some really interesting research into the way these bots operate. Tell me about that.

Freire: We said, “Let’s change this around: let’s just observe the bots rather than the platform.” We took a crowdsourced database of 320,000 bots, put them in a petri dish and watched to see what happened over several months. They’re deployed very efficiently. They become active, do attacks and then go dormant. Their intent is tied to the news cycle. When the immigrant child separation issue was really hot, they woke up and expressed extreme views on both sides of the issue—almost 50/50. We watched them wake up, share content and then go to sleep. If the Google search volume went up, the bots followed. We categorized the areas the bots focused on and saw things like sowing division across societies and undermining the value of democracy.

Topic categories of Russian bot activitySAFEGUARDCYBER

Peter Horst: So what’s a CMO supposed to do in the midst of all this?

OtavioFreire: People need to realize that they can’t expect the platforms to take care of their corporate brand and reputation interests. Facebook is not the world cop. They can’t be worried about theft in your neighborhood, violent crimes and state-sponsored actions. They have no real obligation to care about the reputation of your brand, which you have carefully curated over many years with millions of dollars. It’s not their job, not Twitter’s not Instagram’s. It’s the CMO’s job to take care of the reputation and the brand and you need to take proactive measures to safeguard your social media accounts, and those of your employees, the same way you protect your network. That means partnering up with your head of IT, head of security to take a comprehensive approach to addressing the cyber risks in your broader social media ecosystem. You’ve got to control your own destiny here.

Marketing strategies to help your team get inspired to make bold moves. Join me.

Your email address will not be published. Required fields are marked *

Comment

Name *

Email *

Website

Get Tips On How To Inspire Your Marketing Team

Success! Now check your email to confirm your subscription.

There was an error submitting your subscription. Please try again.

Email Address

Consulting

Peter leverages his decades of experience in building businesses across diverse industries to provide advisory services to senior executives and their teams through his consultancy CMO Inc. He consults in the areas of brand strategy, positioning, marketing plan development, innovation, marketing organizational strategy, and campaign development.

Routinely one of the highest-rated keynoters at conferences around the world, Peter brings humor, authenticity, and compelling content to his engagements. Peter is equally comfortable speaking to international CMO forums, technology conferences, and in-house corporate events.